Pages

Thursday, August 4, 2011

More on Cyber Leaks and Cyber Warfare in Korea

Press coverage of the recent cyber attacks on Nate and Cyworld and the resulting leakage of personal information is just beginning. Readers who found my previous post interesting may wish to read today's article in the Joongang Daily. It notes that controversy is heating up over Korean Web portal operators’ collection and storage of private data after the country’s worst cyber hacking case put over two-thirds of its population at risk of identity theft.
It also put a question mark on the effectiveness of the country’s controversial Internet regulations, such as the real-name verification law, which critics argue provide incentives for online companies to hoard personal information.

“While they didn’t have the ability to protect private data, they have been excessively collecting it,” said Lim Jong-in, dean of the Graduate School of Information Security at Korea University, referring to the country’s major Web portals.

Korean Internet users rely heavily on do-it-all, one-stop Web portals. They visit industry leader Naver at least three times for every four Internet uses, according to market research firm Metrix Corp., and the three most-visited Web portals account for more than 90 percent of the country’s Web search traffic.
These Web portals ask for names, resident registration numbers, birth dates, addresses and phone numbers to join their services, which are accumulated, some of them encrypted, in their servers for at least five years and become attractive “booty” for hackers.
“Instead of mere lists of online accounts, [hackers] could steal the full package of real world identities,” said Nakho Kim, a media researcher at the University of Wisconsin-Madison. “Due to government policies and industry laziness, many Korean online services tend to collect a lot of personal identity information.”
Readers following the broader global context of the recent cyber attacks on Nate and Cyworld will want to read The New York Timesarticle entitled "Security Firm Sees Global Cyberspying."